CN116700110B - Distributed driving new energy automobile control method based on multi-module division - Google Patents
Distributed driving new energy automobile control method based on multi-module division Download PDFInfo
- Publication number
- CN116700110B CN116700110B CN202310795825.6A CN202310795825A CN116700110B CN 116700110 B CN116700110 B CN 116700110B CN 202310795825 A CN202310795825 A CN 202310795825A CN 116700110 B CN116700110 B CN 116700110B
- Authority
- CN
- China
- Prior art keywords
- message
- attack
- whole vehicle
- signal receiving
- ecu
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 31
- 230000002159 abnormal effect Effects 0.000 claims abstract description 9
- 230000008859 change Effects 0.000 claims abstract description 7
- 238000012360 testing method Methods 0.000 claims description 66
- 230000005856 abnormality Effects 0.000 claims description 12
- 238000004891 communication Methods 0.000 claims description 7
- 238000004519 manufacturing process Methods 0.000 abstract 1
- 239000003990 capacitor Substances 0.000 description 93
- 230000005540 biological transmission Effects 0.000 description 18
- 238000010586 diagram Methods 0.000 description 10
- 230000001052 transient effect Effects 0.000 description 8
- 239000013078 crystal Substances 0.000 description 5
- 238000003745 diagnosis Methods 0.000 description 5
- 230000009467 reduction Effects 0.000 description 3
- 101100102627 Oscarella pearsei VIN1 gene Proteins 0.000 description 2
- 101500000959 Bacillus anthracis Protective antigen PA-20 Proteins 0.000 description 1
- 101000734572 Homo sapiens Phosphoenolpyruvate carboxykinase, cytosolic [GTP] Proteins 0.000 description 1
- 102100034796 Phosphoenolpyruvate carboxykinase, cytosolic [GTP] Human genes 0.000 description 1
- 101000701286 Pseudomonas aeruginosa (strain ATCC 15692 / DSM 22644 / CIP 104116 / JCM 14847 / LMG 12228 / 1C / PRS 101 / PAO1) Alkanesulfonate monooxygenase Proteins 0.000 description 1
- 101100420795 Schizosaccharomyces pombe (strain 972 / ATCC 24843) sck1 gene Proteins 0.000 description 1
- 101000983349 Solanum commersonii Osmotin-like protein OSML13 Proteins 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000087 stabilizing effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000010998 test method Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B19/00—Programme-control systems
- G05B19/02—Programme-control systems electric
- G05B19/04—Programme control other than numerical control, i.e. in sequence controllers or logic controllers
- G05B19/042—Programme control other than numerical control, i.e. in sequence controllers or logic controllers using digital processors
- G05B19/0423—Input/output
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B2219/00—Program-control systems
- G05B2219/20—Pc systems
- G05B2219/21—Pc I-O input output
- G05B2219/21063—Bus, I-O connected to a bus
Landscapes
- Small-Scale Networks (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Engineering & Computer Science (AREA)
- Automation & Control Theory (AREA)
Abstract
The invention provides a distributed driving new energy automobile control method based on multi-module division, which is used for manufacturing DOS attack by sending a non-standard frame, and comprises the following steps: step A: judging the frame type used on the bus at the moment, wherein the frame type comprises a standard frame or/and an extended frame; and (B) step (B): the whole vehicle state is kept unchanged, and other types of data frames which are not the network segment frame types are periodically transmitted by using the CAN signal receiving and transmitting unit; step C: if the values are different, judging whether the properties of the values are unchanged values or changed values, and judging whether the change rules are the same or not; step D: stopping DOS attack, using the CAN signal receiving and transmitting unit to receive the whole vehicle message, and using the CAN bus anomaly analysis unit to analyze whether the message sent by the ECU is normal after the attack is removed. The invention makes the ECU have abnormal conditions under the conditions by sending error frames, abnormal frames, non-standard frames and the like, so that the whole vehicle has abnormal conditions, thereby achieving the purpose of attack.
Description
Technical Field
The invention relates to the technical field of vehicle-mounted network attack testing, in particular to a distributed driving new energy automobile control method based on multi-module division.
Background
The CAN is a serial communication protocol bus for real-time application and effectively supporting a distributed control system, is one of the most widely used field buses in global application, has high real-time property and strong anti-interference capability, and is suitable for automobiles and industrial control applications.
With the development of the internet of vehicles technology, the safety of the vehicle-mounted network is paid more attention to, the safety of the vehicle-mounted network system is related to the life and property safety of users, and if the vehicle-mounted network system is attacked maliciously, the whole system network cannot work normally, so that enterprise clients suffer significant losses. In order to improve the safety and stability of the CAN network, problems are found by network attack means in various aspects, and measures are taken in time to avoid risks.
Disclosure of Invention
The invention aims at least solving the technical problems in the prior art, and particularly creatively provides a distributed driving new energy automobile control method based on multi-module division.
In order to achieve the above object of the present invention, the present invention provides a distributed driving new energy automobile control method based on multi-module division, which makes DOS attack by transmitting a non-standard frame, the steps of the test method are as follows:
step A: the method comprises the steps of accessing test equipment, receiving a whole vehicle message by using a CAN signal receiving and transmitting unit, wherein the whole vehicle state is power-on, collecting the message normally sent by the whole vehicle ECU at the moment, and judging the frame type used on a bus at the moment, wherein the frame type comprises a standard frame or/and an extended frame;
and (B) step (B): the whole vehicle state is kept unchanged, and other types of data frames which are not the network segment frame types are periodically transmitted by using the CAN signal receiving and transmitting unit;
step C: analyzing whether the message period and the data section content sent by the ECU at the moment are the same as those before attack or not by a CAN bus anomaly analysis unit; if the values are different, judging whether the properties of the values are unchanged values or changed values, and judging whether the change rules are the same or not;
step D: stopping DOS attack, using the CAN signal receiving and transmitting unit to receive the whole vehicle message, and using the CAN bus anomaly analysis unit to analyze whether the message sent by the ECU is normal after the attack is removed.
The invention also discloses a distributed driving new energy automobile control method based on multi-module division, which transmits messages with different rates to attack a network, and the testing method comprises the following steps:
step A: the whole vehicle is powered on, connected with test equipment, receives a whole vehicle message by using a CAN signal receiving and transmitting unit, and judges the communication rate used on the bus at the moment;
and (B) step (B): transmitting a message at a communication rate different from that of the network segment by using a CAN signal receiving and transmitting unit;
step C: analyzing whether the message period and the data segment content sent by the state ECU of the network are the same as those before attack or not through a CAN bus abnormality analysis unit; if the values are different, judging whether the properties of the values are unchanged values or changed values, and judging whether the change rules are the same or not;
step D: stopping DOS attack, using the CAN signal receiving and transmitting unit to receive the whole vehicle message, and simultaneously using the CAN bus abnormality analysis unit ECU to send the message whether the message is normal after the attack is removed.
The invention also discloses a distributed driving new energy automobile control method based on multi-module division, which uses the CAN signal receiving and transmitting unit to send error frames, and the testing method comprises the following steps:
step A: the method comprises the steps of accessing test equipment, receiving a whole vehicle message by using a CAN signal receiving and transmitting unit, powering up the whole vehicle, and collecting the message normally sent by the whole vehicle ECU at the moment;
and (B) step (B): the CAN signal receiving and transmitting unit is used for transmitting error frames, the number of the error frames is gradually increased until the CAN bus anomaly analysis unit analyzes whether the message period and the data segment content transmitted by the state ECU of the network are different from those before attack; or stopping the attack if the attack time reaches a set value;
step C: stopping DOS attack, using the CAN signal receiving and transmitting unit to receive the whole vehicle message, and using the CAN bus anomaly analysis unit to analyze whether the message sent by the ECU is normal after the attack is removed.
The invention also discloses a distributed driving new energy automobile control method based on multi-module division, which uses the CAN signal receiving and transmitting unit to send messages with different data lengths from the normal messages of the whole automobile, and the testing method comprises the following steps:
step A: the method comprises the steps of accessing test equipment, receiving a whole vehicle message by using a CAN signal receiving and transmitting unit, powering up the whole vehicle, and collecting the message normally sent by the whole vehicle ECU at the moment;
and (B) step (B): analyzing the length of each message by using a CAN bus signal analysis unit, and then transmitting abnormal messages with different lengths from those of normal messages by using a CAN signal receiving and transmitting unit;
step C: using a CAN bus anomaly analysis unit to analyze whether the message period and the data segment content sent by a state ECU of the network are different from those before attack; or stopping the attack if the attack time reaches a set value;
step D: stopping DOS attack, using the CAN signal receiving and transmitting unit to receive the whole vehicle message, and using the CAN bus anomaly analysis unit to analyze whether the message sent by the ECU is normal after the attack is removed.
In a preferred embodiment of the present invention, the above-described test steps are performed while the following operations are performed:
and observing the current state of the detected vehicle, judging whether the obtained current state accords with the expected state, if so, not making any further judgment, otherwise, judging that the state of the CAN detected vehicle is changed due to the aggressiveness test.
The invention also discloses a distributed driving new energy automobile control system based on multi-module division, which comprises a vehicle to be diagnosed and distributed driving new energy automobile test equipment based on multi-module division;
the distributed driving new energy automobile test equipment based on multi-module division is connected with the vehicle to be diagnosed through a CAN bus;
the system also comprises a CAN signal receiving and transmitting unit and a CAN bus anomaly analysis unit;
the CAN signal receiving and transmitting unit is used for transmitting the designed attack-related message;
the CAN bus abnormality analysis unit is used for analyzing and positioning abnormality.
In summary, by adopting the technical scheme, the method and the device enable the ECU to generate abnormal conditions under the conditions by sending error frames, abnormal frames, non-standard frames and the like, so that the whole vehicle is abnormal, and the aim of attack is achieved.
Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
The foregoing and/or additional aspects and advantages of the invention will become apparent and may be better understood from the following description of embodiments taken in conjunction with the accompanying drawings in which:
fig. 1 is a schematic block diagram of a flow of the present invention.
Fig. 2 is a schematic block diagram of the connection of the present invention.
Fig. 3 is a schematic circuit connection diagram of a USB data transmission module according to the present invention.
Fig. 4 is a schematic circuit connection diagram of the CAN data transmission module of the present invention.
Fig. 5 is a schematic diagram of circuit connection of the RS232 data transmission module according to the present invention.
Fig. 6 is a schematic circuit connection diagram of a data switching module according to the present invention.
FIG. 7 is a schematic diagram of a key set module circuit connection according to the present invention.
Fig. 8 is a schematic diagram of circuit connection of the indicator light assembly module according to the present invention.
FIG. 9 is a schematic diagram of the circuit connection of the test module of the present invention.
Fig. 10 is a schematic diagram of the circuit connections of the microcontroller of the present invention.
Detailed Description
Embodiments of the present invention are described in detail below, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to like or similar elements or elements having like or similar functions throughout. The embodiments described below by referring to the drawings are illustrative only and are not to be construed as limiting the invention.
The invention discloses a distributed driving new energy automobile test device based on multi-module division, which comprises a test box, wherein a PCB diagnosis circuit board fixed mounting seat for fixedly mounting a PCB diagnosis circuit board is arranged in the test box, the PCB diagnosis circuit board is fixedly mounted on the PCB diagnosis circuit board fixed mounting seat, and as shown in figures 2-10, a microcontroller U1, a USB data transmission module, a CAN data transmission module, an RS232 data transmission module, a key set module and an indicator lamp set module are arranged on the PCB diagnosis circuit board;
the front of the test box is provided with a touch display screen fixed mounting seat for fixedly mounting a touch display screen, a key set mounting seat for fixedly mounting a key set and an indicator lamp set mounting seat for fixedly mounting an indicator lamp set, the touch display screen is fixedly mounted on the touch display screen fixed mounting seat, the key set is fixedly mounted on the key set mounting seat, and the indicator lamp set is fixedly mounted on the indicator lamp set mounting seat; the left side of the test box is provided with a USB interface mounting seat for fixedly mounting a USB interface JP4, the USB interface JP4 is fixedly mounted on the USB interface mounting seat, the right side of the test box is provided with a CAN interface mounting seat for fixedly mounting a CAN interface JP1 and a CAN interface JP2, the CAN interface JP1 and the CAN interface JP2 are fixedly mounted on the CAN interface mounting seat, the front side of the test box is provided with an RS232 interface mounting seat for fixedly mounting an RS232 interface JP6, the RS232 interface JP6 is fixedly mounted on the RS232 interface mounting seat, the rear side of the test box is provided with a test interface mounting seat for fixedly mounting a test interface JP1, and the test interface JP1 is fixedly mounted on the test interface mounting seat;
the USB data transmission end of the microcontroller U1 is connected with the data transmission end of the USB data transmission module, the CAN data transmission end of the microcontroller U1 is connected with the data transmission end of the CAN data transmission module, the RS232 data transmission end of the microcontroller U1 is connected with the data transmission end of the RS232 data transmission module, the key group end of the microcontroller U1 is connected with the key end of the key group module, and the indication lamp group end of the microcontroller U1 is connected with the indication end of the indication lamp group module; the touch display end of the microcontroller U1 is connected with the touch display end of the touch display screen.
In a preferred embodiment of the present invention, the USB data transmission module includes: the power output end of the USB interface JP4 is respectively connected with the first end of the FUSE1 and the first end of the capacitor C23, the power output end of the USB interface JP4 outputs a power USB_VCC, the second end of the FUSE FUSE1 is respectively connected with the first end of the capacitor C27 and the power input end IN of the voltage reduction chip U2, the second end of the FUSE FUSE1 outputs a power +5V, the second end of the capacitor C27 is connected with the power ground, the power ground end GND of the voltage reduction chip U2 is connected with the power ground, the power output end of the voltage reduction chip U2 is respectively connected with the first end of the capacitor C26, the first end of the capacitor C28 and the first end of the FUSE FUSE2, the second end of the FUSE FUSE2 outputs a power 3V3, and the first end of the capacitor C26 and the first end of the capacitor C28 are respectively connected with the power ground;
the power output grounding end of the USB interface JP4 and the second end of the capacitor C23 are respectively connected with the power ground, the data USB negative end of the USB interface JP4 is connected with the first end of the resistor R6, the second end of the resistor R6 is respectively connected with the first end of the capacitor C24 and the USB data negative end DDM of the microcontroller U1, the data USB positive end of the USB interface JP4 is respectively connected with the first end of the resistor R5 and the first end of the resistor R7, the second end of the resistor R7 is respectively connected with the first end of the capacitor C25 and the USB data positive end DDP of the microcontroller U1, the second end of the capacitor C24 and the second end of the capacitor C25 are respectively connected with the power ground, the second end of the resistor R5 is connected with the collector of the triode Q1, the emitter of the triode Q1 is respectively connected with the power 3V3 and the first end of the resistor R16, and the second end of the resistor R17 is respectively connected with the USB control enabling end PA 8/RTSP 0/NPCS 3 of the microcontroller U1. The resistance of the resistor R16 is 47K, the resistance of the resistor R17 is 1.2K, the model of the triode Q1 is 8550S, the resistance of the resistor R5 is 1.5K, the resistances of the resistor R6 and the resistor R7 are 25 omega, the capacitance of the capacitor C24 and the capacitor C25 is 15pF, the capacitance of the capacitor C23 is 100nF, the capacitance of the capacitor C27 and the capacitor C28 is 47uF, the capacitance of the capacitor C26 is 0.1F, and the model of the buck chip U2 is REG1117-3.3.
In a preferred embodiment of the invention, the CAN data transmission module comprises: the data receiving end RXD of the CAN transceiver U7 is respectively connected with the first end of the resistor R3 and the CAN data transmitting end PA19/CANRX of the microcontroller U1, and the data transmitting end TXD of the CAN transceiver U7 is connected with the CAN data receiving end PA20/CANTX of the microcontroller U1;
the power end VCC of the CAN transceiver U7 is respectively connected with a power supply +5V, the first end of a capacitor C21 and the first end of a capacitor C22, the second end of the capacitor C21 and the second end of the capacitor C22 are respectively connected with power supply ground, the grounding end GND of the CAN transceiver U7 is connected with the power supply ground, and the mode end RS of the CAN transceiver U7 is connected with the additional CAN mode end PA18/SPI0_SPCK of the microcontroller U1;
the CAN data high end CANH of the CAN transceiver U7 is respectively connected with the data high end of the CAN interface JP1 and the data high end of the CAN interface JP2, the CAN data low end CANL of the CAN transceiver U7 is respectively connected with the data low end of the CAN interface JP2 and the first end of the adjustable terminal resistor R4, and the second end of the adjustable terminal resistor R4 is connected with the data low end of the CAN interface JP 1. The resistance value of the resistor R3 is 1.5K, the model of the CAN transceiver U7 is TJA1050, the capacitor C21 is 104, the capacitance value of the capacitor C22 is 10uF, and the resistance value of the adjustable termination resistor R4 is 120Ω.
In a preferred embodiment of the present invention, the RS232 data transmission module includes: the charge pump end V+ of the RS232 chip U3 is connected with the first end of the capacitor C30, the second end of the capacitor C30 is connected with the power ground, the positive end C1+ of the voltage doubling capacitor of the RS232 chip U3 is connected with the first end of the capacitor C32, the voltage doubling capacitor Rong Fuduan C1-of the RS232 chip U3 is connected with the second end of the capacitor C32, the transmitter input end T1in of the RS232 chip U3 is connected with the data end PA1/TXD0 of the microcontroller U1, the receiver output end R1out of the RS232 chip U3 is connected with the data end PA0/RXD0 of the microcontroller U1, the transmitter input end T2in of the RS232 chip U3 is connected with the data end PA28/DTXD 3 of the microcontroller U1, the receiver output end R2 of the RS232 chip U3 is connected with the data end PA27/DRXD/PCK3 of the microcontroller U1, the charge pump end V-of the RS232 chip U3 is connected with the first end of the capacitor C33, and the second end of the capacitor C33 is connected with the power ground;
the power end VCC of the RS232 chip U3 is connected with a power supply 3V3 and a first end of a capacitor C29 respectively, a second end of the capacitor C29 is connected with power supply ground, a voltage doubling capacitor Rong Fuduan C2-of the RS232 chip U3 is connected with a first end of the capacitor C31, a voltage doubling capacitor positive end C2+ of the RS232 chip U3 is connected with a second end of the capacitor C31, a transmitter output end T1out of the RS232 chip U3 is connected with a data receiving end of an RS232 interface JP6, a receiver input end R1out of the RS232 chip U3 is connected with a data transmitting end of the RS232 interface JP6, a grounding end of the RS232 interface JP6 is connected with power supply ground, a transmitter output end T2out of the RS232 chip U3 is connected with a data receiving end of an RS232 interface JP7, and a grounding end of the RS232 interface JP7 is connected with power supply ground; the ground GND of the RS232 chip U3 is connected to the power ground. The capacitance values of the capacitor C29, the capacitor C30, the capacitor C31, the capacitor C32 and the capacitor C33 are 120nf, and the model number of the rs232 chip U3 is MAX3232.
In a preferred embodiment of the present invention, further comprising a data switching module, the data switching module comprising: the data output end of the data switching chip U6 is connected with the data receiving end PA5/RXD1 of the microcontroller U1, the data input end of the data switching chip U6 is connected with the data transmitting end PA6/TXD1 of the microcontroller U1, and the grounding end GND of the data switching chip U6 is connected with the power supply ground;
the power end of the data switching chip U6 is connected with a power supply +5V and the first end of the capacitor C34 respectively, and the second end of the capacitor C34 is connected with the power supply ground; the receiver data positive end of the data switching chip U6 is respectively connected with the first end of a resistor R9, the input end VIN2 of a transient suppressor U4 and the data first positive end of an interface JP5, the second end of the resistor R9 is connected with the power ground, the receiver data negative end of the data switching chip U6 is respectively connected with the first end of a resistor R8, the input end VIN1 of the transient suppressor U4 and the data first negative end of the interface JP5, the second end of the resistor R8 is connected with the power ground, and the ground end of the transient suppressor U4 is connected with the power ground;
the transmitter data negative terminal of the data switching chip U6 is respectively connected with the input end VIN1 of the transient suppressor U5 and the data second negative terminal of the interface JP5, the transmitter data positive terminal of the data switching chip U6 is respectively connected with the input end VIN2 of the transient suppressor U5 and the data second positive terminal of the interface JP5, and the grounding terminal of the transient suppressor U5 is connected with the power supply ground. The data switching chip U6 has a model number MAX488, the capacitor C34 has a capacitance value of 100nF, the resistors R8 and R9 have a resistance value of 3.3K, and the transient suppressor U4 and the transient suppressor U5 have a model number SM712.
In a preferred embodiment of the present invention, the key set module includes: the first end of the key S4 is connected with the first end of the power supply 3V3, the second end of the key S4 is connected with the ERASE end ERASE of the microcontroller U1, the first end of the key S2 is connected with the power supply ground, the second end of the key S2 is connected with the key end PA11/TWCK of the microcontroller U1, the first end of the key S3 is connected with the power supply ground, the second end of the key S3 is connected with the key end PA10/TWD of the microcontroller U1, the first end of the key S5 is connected with the power supply ground, and the second end of the key S5 is connected with the reset end NRST of the microcontroller U1. Wherein the model of the data switching chip U6 is MAX488, the capacitance value of the capacitor C34 is 100nF, the resistance values of the resistor R8 and the resistor R9 are 3.3K,
in a preferred embodiment of the present invention, the indicator light bank module includes: the cathode of the power indicator light LED3 is connected with power ground, the anode of the power indicator light LED3 is connected with the first end of the resistor R10, and the second end of the resistor R10 is connected with the power supply 3V 3; the negative electrode of the indicator light LED11 is connected with the power ground, the positive electrode of the indicator light LED11 is connected with the first end of the resistor R13, and the second end of the resistor R13 is connected with the indicator end PA13/SPI0_NPCS1/PCK1 of the microcontroller U1; the negative electrode of the indicator light LED22 is connected with the power ground, the positive electrode of the indicator light LED22 is connected with the first end of the resistor R14, and the second end of the resistor R14 is connected with the indicator end PA12/SPI0_NPCS0 of the microcontroller U1; the negative pole of pilot lamp LED44 links to each other with power ground, and the positive pole of pilot lamp LED44 links to each other with the first end of resistance R11, and the second end of resistance R11 links to each other with microcontroller U1's pilot terminal PA7/SCK1/SPI0_NPCS 1. The resistances of the resistors R10, R11, R13, and R14 are 2.2K.
In a preferred embodiment of the present invention, further comprising a test module, the test module comprising: the test data input end TDI of the microcontroller U1 is respectively connected with the first end of a resistor R55 and the test data output end of a test interface JP1, and the second end of the resistor R55 is connected with a power supply 3V 3; the test mode selection end TMS of the microcontroller U1 is respectively connected with the first end of the resistor R53 and the test mode selection end of the test interface JP1, and the second end of the resistor R53 is connected with the power supply 3V 3; the test clock end TCK of the microcontroller U1 is respectively connected with the first end of the resistor R51 and the test clock end of the test interface JP1, and the second end of the resistor R51 is connected with the power supply 3V 3; the test data output end of the microcontroller U1 is connected with the test data input end of the test interface JP 1; the wiper end NRST of the microcontroller U1 is respectively connected with the first end of the resistor R15 and the wiper end of the test interface JP1, and the second end of the resistor R15 is connected with the power supply 3V 3; the power supply 3V3 is connected to the first end of the resistor R57, the second end of the resistor R51 is connected to the first test end of the test interface JP1, the power supply 3V3 is connected to the second test end of the test interface JP1, and the ground end of the test interface JP1 is connected to the power supply ground. The resistance of the resistor R15 is 10K, and the resistances of the resistors R51, R53, R55, and R57 are 4.7K.
In a preferred embodiment of the present invention, the voltage stabilizing output terminal VDDOUT of the microcontroller U1 is connected to the power supply terminal VDDCORE of the microcontroller U1, the first terminal of the capacitor C3, the first terminal of the capacitor C4, the first terminal of the capacitor C5, the first terminal of the capacitor C6 and the first terminal of the capacitor C18, and the second terminal of the capacitor C3, the second terminal of the capacitor C4, the second terminal of the capacitor C5, the second terminal of the capacitor C6 and the second terminal of the capacitor C18 are connected to the power supply ground, respectively; the power supply end VDDIO of the microcontroller U1 is respectively connected with the first end of a capacitor C7, the first end of a capacitor C8, the first end of a capacitor C9, the first end of a capacitor C10, the first end of a capacitor C11 and a power supply 3V3, and the second end of the capacitor C7, the second end of the capacitor C8, the second end of the capacitor C9, the second end of the capacitor C10 and the second end of the capacitor C11 are respectively connected with power supply ground; the grounding end of the microcontroller U1 is connected with the power supply ground; the crystal oscillator end XIN of the microcontroller U1 is respectively connected with the first end of the capacitor C12 and the first end of the crystal oscillator Y1, the crystal oscillator end XOUT of the microcontroller U1 is respectively connected with the first end of the capacitor C13 and the second end of the crystal oscillator Y1, and the second end of the capacitor C12 and the second end of the capacitor C13 are respectively connected with power supply ground; the power supply end VDDCLL of the microcontroller U1 is respectively connected with the first end of the capacitor C14 and the voltage-stabilizing output end VDDOUT of the microcontroller U1, and the second end of the capacitor C14 is connected with power supply ground; the filter end of the microcontroller U1 is respectively connected with the first end of the capacitor C15 and the first end of the resistor R2, the second end of the resistor R2 is connected with the first end of the capacitor C16, and the second end of the capacitor C15 and the second end of the capacitor C16 are respectively connected with power ground; the power supply end VDDIN of the microcontroller U1 is respectively connected with a power supply 3V3, a first end of a capacitor C1 and a first end of a capacitor C17, and a second end of the capacitor C1 and a second end of the capacitor C17 are respectively connected with power supply ground; the power supply end VDDBSH of the microcontroller U1 is respectively connected with the power supply 3V3 and the first end of the capacitor C2, and the second end of the capacitor C2 is respectively connected with the power supply ground; the analog-digital voltage reference end of the microcontroller U1 is respectively connected with the first end of the capacitor C19 and the first end of the inductor L1, the second end of the inductor L1 is respectively connected with the first end of the capacitor C20 and the power supply 3V3, and the second end of the capacitor C19 and the second end of the capacitor C20 are respectively connected with the power supply ground. The capacitance value of the capacitor C18 is 10uF, the capacitance values of the capacitors C3-C11 are 100nF, the capacitance values of the capacitors C12 and C13 are 10pF, the frequency of the crystal oscillator Y1 is 18.4MHz, the capacitance value of the capacitor C15 is 1nF, the capacitance values of the capacitors C1, C2, C14, C17, C19 and C20 are 100nF, the capacitance value of the capacitor C16 is 10nF, and the model of the microcontroller U1 is ATM89C52.
The invention also discloses a distributed driving new energy automobile control system based on multi-module division, which comprises a vehicle to be diagnosed and distributed driving new energy automobile test equipment based on multi-module division;
the distributed driving new energy automobile test equipment based on multi-module division is connected with the vehicle to be diagnosed through a CAN bus; the USB interface JP4 is connected with a +5V power connector, and +5V power is input to the USB interface JP 4.
The system also comprises a CAN signal receiving and transmitting unit and a CAN bus anomaly analysis unit;
the CAN signal receiving and transmitting unit is used for transmitting the designed attack-related message;
the CAN bus abnormality analysis unit is used for analyzing and positioning abnormality.
The invention also discloses a distributed driving new energy automobile control method based on multi-module division, which comprises the following steps of:
step A: the method comprises the steps of accessing test equipment, receiving a whole vehicle message by using a CAN signal receiving and transmitting unit, wherein the whole vehicle state is power-on, collecting the message normally sent by the whole vehicle ECU at the moment, and judging the frame type used on a bus at the moment, wherein the frame type comprises a standard frame or/and an extended frame;
and (B) step (B): the whole vehicle state is kept unchanged, and other types of data frames which are not the network segment frame types are periodically transmitted by using the CAN signal receiving and transmitting unit;
step C: analyzing whether the message period and the data section content sent by the ECU at the moment are the same as those before attack or not by a CAN bus anomaly analysis unit; if the values are different, judging whether the properties of the values are unchanged values or changed values, and judging whether the change rules are the same or not;
step D: stopping DOS attack, using the CAN signal receiving and transmitting unit to receive the whole vehicle message, and using the CAN bus anomaly analysis unit to analyze whether the message sent by the ECU is normal after the attack is removed.
The invention also discloses a distributed driving new energy automobile control method based on multi-module division, which transmits messages with different rates to attack a network, and the testing method comprises the following steps:
step A: the whole vehicle is powered on, connected with test equipment, receives a whole vehicle message by using a CAN signal receiving and transmitting unit, and judges the communication rate used on the bus at the moment;
and (B) step (B): transmitting a message at a communication rate different from that of the network segment by using a CAN signal receiving and transmitting unit;
step C: analyzing whether the message period and the data segment content sent by the state ECU of the network are the same as those before attack or not through a CAN bus abnormality analysis unit; if the values are different, judging whether the properties of the values are unchanged values or changed values, and judging whether the change rules are the same or not;
step D: stopping DOS attack, using the CAN signal receiving and transmitting unit to receive the whole vehicle message, and simultaneously using the CAN bus abnormality analysis unit ECU to send the message whether the message is normal after the attack is removed.
The invention also discloses a distributed driving new energy automobile control method based on multi-module division, which uses the CAN signal receiving and transmitting unit to send error frames, as shown in figure 1, and comprises the following steps:
step A: the method comprises the steps of accessing test equipment, receiving a whole vehicle message by using a CAN signal receiving and transmitting unit, powering up the whole vehicle, and collecting the message normally sent by the whole vehicle ECU at the moment;
and (B) step (B): the CAN signal receiving and transmitting unit is used for transmitting error frames, the number of the error frames is gradually increased until the CAN bus anomaly analysis unit analyzes whether the message period and the data segment content transmitted by the state ECU of the network are different from those before attack; or stopping the attack if the attack time reaches a set value;
step C: stopping DOS attack, using the CAN signal receiving and transmitting unit to receive the whole vehicle message, and using the CAN bus anomaly analysis unit to analyze whether the message sent by the ECU is normal after the attack is removed.
The invention also discloses a distributed driving new energy automobile control method based on multi-module division, which uses the CAN signal receiving and transmitting unit to send messages with different data lengths from the normal messages of the whole automobile, and the testing method comprises the following steps:
step A: the method comprises the steps of accessing test equipment, receiving a whole vehicle message by using a CAN signal receiving and transmitting unit, powering up the whole vehicle, and collecting the message normally sent by the whole vehicle ECU at the moment;
and (B) step (B): analyzing the length of each message by using a CAN bus signal analysis unit, and then transmitting abnormal messages with different lengths from those of normal messages by using a CAN signal receiving and transmitting unit;
step C: using a CAN bus anomaly analysis unit to analyze whether the message period and the data segment content sent by a state ECU of the network are different from those before attack; or stopping the attack if the attack time reaches a set value;
step D: stopping DOS attack, using the CAN signal receiving and transmitting unit to receive the whole vehicle message, and using the CAN bus anomaly analysis unit to analyze whether the message sent by the ECU is normal after the attack is removed.
In a preferred embodiment of the present invention, the above-described test steps are performed while the following operations are performed:
and observing the current state of the detected vehicle, judging whether the obtained current state accords with the expected state, if so, not making any further judgment, otherwise, judging that the state of the CAN detected vehicle is changed due to the aggressiveness test.
While embodiments of the present invention have been shown and described, it will be understood by those of ordinary skill in the art that: many changes, modifications, substitutions and variations may be made to the embodiments without departing from the spirit and principles of the invention, the scope of which is defined by the claims and their equivalents.
Claims (6)
1. A distributed driving new energy automobile control method based on multi-module division, characterized in that DOS attack is manufactured by sending non-standard frames, the control method comprises the following steps:
step A: the method comprises the steps of accessing test equipment, receiving a whole vehicle message by using a CAN signal receiving and transmitting unit, wherein the whole vehicle state is power-on, collecting the message normally sent by the whole vehicle ECU at the moment, and judging the frame type used on a bus at the moment, wherein the frame type comprises a standard frame or/and an extended frame;
and (B) step (B): the whole vehicle state is kept unchanged, and other types of data frames which are not the network segment frame types are periodically transmitted by using the CAN signal receiving and transmitting unit;
step C: analyzing whether the message period and the data section content sent by the ECU at the moment are the same as those before attack or not by a CAN bus anomaly analysis unit; if the message period and the data section content sent by the ECU are different, judging whether the property of the numerical value in the message period and the data section content is a constant numerical value or a variable numerical value, and judging whether the change rule is the same;
step D: stopping DOS attack, using the CAN signal receiving and transmitting unit to receive the whole vehicle message, and using the CAN bus anomaly analysis unit to analyze whether the message sent by the ECU is normal after the attack is removed.
2. The method for controlling a distributed driving new energy automobile based on multi-module division according to claim 1, wherein messages with different rates are sent to attack a network, and the testing method comprises the following steps:
step A: the whole vehicle is powered on, connected with test equipment, receives a whole vehicle message by using a CAN signal receiving and transmitting unit, and judges the communication rate used on the bus at the moment;
and (B) step (B): transmitting a message at a communication rate different from that of the network segment by using a CAN signal receiving and transmitting unit;
step C: analyzing whether the message period and the data segment content sent by the state ECU of the network are the same as those before attack or not through a CAN bus abnormality analysis unit; if the message period and the data section content sent by the ECU are different, judging whether the property of the numerical value in the message period and the data section content is a constant numerical value or a variable numerical value, and judging whether the change rule is the same;
step D: stopping DOS attack, using the CAN signal receiving and transmitting unit to receive the whole vehicle message, and simultaneously using the CAN bus abnormality analysis unit ECU to send the message whether the message is normal after the attack is removed.
3. The multi-module division-based control method for a distributed-type driving new energy automobile according to claim 1, wherein the error frame is transmitted by using a CAN signal transceiver unit, and the testing method comprises the steps of:
step A: the method comprises the steps of accessing test equipment, receiving a whole vehicle message by using a CAN signal receiving and transmitting unit, powering up the whole vehicle, and collecting the message normally sent by the whole vehicle ECU at the moment;
and (B) step (B): the CAN signal receiving and transmitting unit is used for transmitting error frames, the number of the error frames is gradually increased until the CAN bus anomaly analysis unit analyzes whether the message period and the data segment content transmitted by the state ECU of the network are different from those before attack; or stopping the attack if the attack time reaches a set value;
step C: stopping DOS attack, using the CAN signal receiving and transmitting unit to receive the whole vehicle message, and using the CAN bus anomaly analysis unit to analyze whether the message sent by the ECU is normal after the attack is removed.
4. The multi-module division-based control method for the distributed-type driving new energy automobile according to claim 1, wherein the method for testing the distributed-type driving new energy automobile comprises the following steps of:
step A: the method comprises the steps of accessing test equipment, receiving a whole vehicle message by using a CAN signal receiving and transmitting unit, powering up the whole vehicle, and collecting the message normally sent by the whole vehicle ECU at the moment;
and (B) step (B): analyzing the length of each message by using a CAN bus signal analysis unit, and then transmitting abnormal messages with different lengths from those of normal messages by using a CAN signal receiving and transmitting unit;
step C: using a CAN bus anomaly analysis unit to analyze whether the message period and the data segment content sent by a state ECU of the network are different from those before attack; or stopping the attack if the attack time reaches a set value;
step D: stopping DOS attack, using the CAN signal receiving and transmitting unit to receive the whole vehicle message, and using the CAN bus anomaly analysis unit to analyze whether the message sent by the ECU is normal after the attack is removed.
5. The multi-module division-based control method for a distributed-type driving new energy automobile according to one of claims 1 to 4, wherein the following operations are performed while the above-mentioned test steps are performed:
and observing the current state of the detected vehicle, judging whether the obtained current state accords with the expected state, if so, not making any further judgment, otherwise, judging that the state of the CAN detected vehicle is changed due to the aggressiveness test.
6. The multi-module division-based distributed driving new energy automobile control method according to one of claims 1 to 4, characterized by comprising a vehicle to be diagnosed and a multi-module division-based distributed driving new energy automobile test device;
the distributed driving new energy automobile test equipment based on multi-module division is connected with the vehicle to be diagnosed through a CAN bus;
the system also comprises a CAN signal receiving and transmitting unit and a CAN bus anomaly analysis unit;
the CAN signal receiving and transmitting unit is used for transmitting the designed attack-related message;
the CAN bus abnormality analysis unit is used for analyzing and positioning abnormality.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410556271.9A CN118713850A (en) | 2023-06-30 | 2023-06-30 | Distributed control system for new energy automobile |
| CN202310795825.6A CN116700110B (en) | 2023-06-30 | 2023-06-30 | Distributed driving new energy automobile control method based on multi-module division |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310795825.6A CN116700110B (en) | 2023-06-30 | 2023-06-30 | Distributed driving new energy automobile control method based on multi-module division |
Related Child Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410556271.9A Division CN118713850A (en) | 2023-06-30 | 2023-06-30 | Distributed control system for new energy automobile |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116700110A CN116700110A (en) | 2023-09-05 |
| CN116700110B true CN116700110B (en) | 2024-03-26 |
Family
ID=87832315
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310795825.6A Active CN116700110B (en) | 2023-06-30 | 2023-06-30 | Distributed driving new energy automobile control method based on multi-module division |
| CN202410556271.9A Pending CN118713850A (en) | 2023-06-30 | 2023-06-30 | Distributed control system for new energy automobile |
Family Applications After (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410556271.9A Pending CN118713850A (en) | 2023-06-30 | 2023-06-30 | Distributed control system for new energy automobile |
Country Status (1)
| Country | Link |
|---|---|
| CN (2) | CN116700110B (en) |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20060067099A (en) * | 2004-12-14 | 2006-06-19 | 한국전자통신연구원 | Method and apparatus for protection to link security attack |
| CN104703206A (en) * | 2015-02-15 | 2015-06-10 | 中国科学院上海微系统与信息技术研究所 | Network protocol performance test bed system for wireless sensor network and testing method |
| JP2017112594A (en) * | 2015-12-14 | 2017-06-22 | パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカPanasonic Intellectual Property Corporation of America | Security device, network system and attack detection method |
| CN108415398A (en) * | 2017-02-10 | 2018-08-17 | 上海辇联网络科技有限公司 | Automobile information safety automation tests system and test method |
| CN112187936A (en) * | 2020-09-29 | 2021-01-05 | 北京车和家信息技术有限公司 | Vehicle data processing method, device, equipment, storage medium and vehicle |
| CN213338428U (en) * | 2020-09-18 | 2021-06-01 | 大连理工大学 | Automobile CAN bus information safety simulation device |
| CN114157469A (en) * | 2021-11-27 | 2022-03-08 | 北京工业大学 | Vehicle-mounted network variant attack intrusion detection method and system based on domain-confronted neural network |
| WO2022085863A1 (en) * | 2020-10-21 | 2022-04-28 | 숭실대학교 산학협력단 | Method for handling hacked node on can bus physical layer, physical layer security method through automatic node id setting on can bus, recording medium for carrying out same, and system |
| CN115412279A (en) * | 2021-05-26 | 2022-11-29 | 马瑞利欧洲公司 | Method for preventing network attacks on vehicles and corresponding device |
| DE102021123255A1 (en) * | 2021-09-08 | 2023-03-09 | Werth IT GmbH | Data processing system with at least one server (S) as target system |
| CN115776383A (en) * | 2021-09-06 | 2023-03-10 | 马瑞利欧洲公司 | Vehicle network attack protection method based on time analysis and corresponding device |
| WO2023100168A1 (en) * | 2021-12-02 | 2023-06-08 | Red Bend Ltd. | Detection and mitigation of cyber attacks on aimed at vehicle's diagnostic sessions |
-
2023
- 2023-06-30 CN CN202310795825.6A patent/CN116700110B/en active Active
- 2023-06-30 CN CN202410556271.9A patent/CN118713850A/en active Pending
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20060067099A (en) * | 2004-12-14 | 2006-06-19 | 한국전자통신연구원 | Method and apparatus for protection to link security attack |
| CN104703206A (en) * | 2015-02-15 | 2015-06-10 | 中国科学院上海微系统与信息技术研究所 | Network protocol performance test bed system for wireless sensor network and testing method |
| JP2017112594A (en) * | 2015-12-14 | 2017-06-22 | パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカPanasonic Intellectual Property Corporation of America | Security device, network system and attack detection method |
| CN108415398A (en) * | 2017-02-10 | 2018-08-17 | 上海辇联网络科技有限公司 | Automobile information safety automation tests system and test method |
| CN213338428U (en) * | 2020-09-18 | 2021-06-01 | 大连理工大学 | Automobile CAN bus information safety simulation device |
| CN112187936A (en) * | 2020-09-29 | 2021-01-05 | 北京车和家信息技术有限公司 | Vehicle data processing method, device, equipment, storage medium and vehicle |
| WO2022085863A1 (en) * | 2020-10-21 | 2022-04-28 | 숭실대학교 산학협력단 | Method for handling hacked node on can bus physical layer, physical layer security method through automatic node id setting on can bus, recording medium for carrying out same, and system |
| CN115412279A (en) * | 2021-05-26 | 2022-11-29 | 马瑞利欧洲公司 | Method for preventing network attacks on vehicles and corresponding device |
| CN115776383A (en) * | 2021-09-06 | 2023-03-10 | 马瑞利欧洲公司 | Vehicle network attack protection method based on time analysis and corresponding device |
| DE102021123255A1 (en) * | 2021-09-08 | 2023-03-09 | Werth IT GmbH | Data processing system with at least one server (S) as target system |
| CN114157469A (en) * | 2021-11-27 | 2022-03-08 | 北京工业大学 | Vehicle-mounted network variant attack intrusion detection method and system based on domain-confronted neural network |
| WO2023100168A1 (en) * | 2021-12-02 | 2023-06-08 | Red Bend Ltd. | Detection and mitigation of cyber attacks on aimed at vehicle's diagnostic sessions |
Non-Patent Citations (3)
| Title |
|---|
| 丁文龙 ; 薛晓卿 ; 路鹏飞 ; 朱科屹 ; .车载CAN总线及网关渗透测试.工业技术创新.2018,(06),全文. * |
| 朱立民 ; 李仁发 ; .一种基于AES-CCM算法的安全车载CAN网络协议.汽车技术.2018,(08),全文. * |
| 王杰.网联汽车CAN总线的异常检测研究.《中国优秀硕士学位论文全文数据库 工程科技II辑》.2022,(第7期),全文. * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116700110A (en) | 2023-09-05 |
| CN118713850A (en) | 2024-09-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103617705B (en) | A kind of rule-based Internet of Things alarm method and system | |
| CN104941305A (en) | Device and method for monitoring water purifier | |
| CN105070086A (en) | Intelligent traffic signal lamp fault detection and alarm system and method | |
| CN204415334U (en) | A kind of electric vehicle anti-theft control monitor unit based on Internet of Things | |
| CN205450097U (en) | Vehicle voltage warning system based on network communication | |
| CN104202200A (en) | FlexRay bus-based online network diagnosis device | |
| CN116700110B (en) | Distributed driving new energy automobile control method based on multi-module division | |
| CN201928757U (en) | GPRS wireless transmission network based intelligent monitoring system for water-saving irrigation of farmland | |
| CN104601574A (en) | Reading method for data acquisition of electric energy meter | |
| CN107741713A (en) | A kind of intelligent water pump controller based on Internet of Things | |
| CN116886350B (en) | New energy automobile control working method | |
| CN203520551U (en) | Fire alarm control system | |
| CN204856917U (en) | Traffic signal lamp trouble intellectual detection system , alarm system | |
| CN110519387A (en) | A kind of management method of Internet of things system and Intelligent terminal for Internet of things | |
| CN103871217B (en) | A kind of alarm method based on Wi-Fi wireless Internet | |
| CN116841233A (en) | Whole vehicle working system based on CAN bus layered control | |
| CN116827713A (en) | Simulation working system for new energy automobile | |
| CN116668175B (en) | New energy automobile operating system | |
| CN116684185A (en) | Automatic road condition data synthesizing method | |
| CN110989418A (en) | Data acquisition system based on RS485 communication and working method thereof | |
| CN205643330U (en) | Automatic device that restarts of sewage on -line monitoring equipment | |
| CN108549299A (en) | A kind of intelligent water pump controller gateway based on LAN | |
| CN204536838U (en) | The remote failure supervisory system of fire engine water-pump | |
| CN204596039U (en) | A kind of safety-protection system based on GSM | |
| CN108956408A (en) | A kind of filter check device, system and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |